Archive for the ‘Security’ Category

Facebook has recently announced that they will start expiring access tokens after 60 days. These tokens are used for Cloud Preservation to crawl Facebook feeds that require user authorization. To ensure proper crawling of your Facebook feeds you will need to reauthorize Cloud Preservation every 60 days.

This can be done by going to the feed’s settings and selecting to either enter your Facebook credentials or emailing the user who originally authorized the feed.

After saving the changes you will either be directed to sign into Facebook or an email will be sent to the email address you entered.

As a feed owner you will be notified 5 days before tokens are scheduled to expire, and again the day they expire, if you have not already reauthorized.

While this is may be seen as a nuisance, we understand that Facebook is taking this step to improve user security and we will do our best ensure the process is as smooth as possible.

Ever wonder how much power has been dedicated to your current import? Along with some recent infrastructure upgrades, we’ve brought that information right up front where you can see it, giving you visibility to the elastic ramp-up of dedicated servers and processors working on your requests. (Elastic ramp-up is a core capability of any legitimate cloud computing solution — Here’s Amazon’s case study of Nextpoint’s implementation.)

Available now via:

in Discovery/Review Cloud: “Imports/Exports”

in Trial (Prep) Cloud: “More” -> “My Downloads” -> “Imports”

Each processing request begins by breaking the work up into smaller “Jobs”. There’s a lot of logic put into just how that breakup occurs, but the gist of it is: bigger requests = more jobs = more dedicated processors to get your work done.

We’re happy to be pushing this information to the front and hope that you like it too!

Ensuring confidential/secure data remains confidential and secure is vital at every stage of litigation. Nowhere are you at more risk than when data is literally in someone’s hands… their laptop. We’ve posted before about how encrypting data on your laptop makes it harder to steal, but not impossible. Even strategies that are “unbeatable” today are probably just waiting for someone with the proper motivation to take them down.

I was reminded of this again today while reading “Laying Someone Off? Better Check That Laptop”, from The National Law Journal. When people get fired they get frustrated; and when they get frustrated they may do some things they normally wouldn’t do. If that something involves taking (or harming) electronic data — a lot of damage can be done; and fast.

This has been a problem for a long time. Occasionally, security will “walk someone out” to avoid a physical conflict but more often they’re making sure someone’s last hour of work isn’t spent downloading files and loading their briefcase. But what about when someone gets wind of the impending cuts a little early – or they happen to have forgotten their laptop at home that fateful day?

I’m not naive enough to think that your work laptop will have literally zero confidential data on it, but using a SaaS solution for your case management tool can certainly go a long way. You have literally millions of pages of evidence for your case — while no one has downloaded all of that (which is another reason why you are better served not depending on a laptop as your storage location, but I digress) … they might start looking for some key docs when they get the bad news. We can cut that access off in literally one second.

Piling on, Rocket Matter posted another great point about depending on your laptop as a data storage location today, Minimizing Downtime. If you’re without that machine for a few days: what does that cost you? … and that’s assuming you’ve been religiously backing it up. Have you?

There is a very interesting piece in the NYT today regarding how researchers have figured out how to steal encrypted data. All you need is a can of dust remover to crack local file encryption. Literally, even if that data is encrypted on a local drive, its not safe.

One of the quickly disposed of objections to web-based applications is that they are somehow less secure. I’ve had lawyers and incredibly, law firm IT bureaucrats insist “but this computer is right here, how can this be less secure than your web servers?”

We have long maintained that the least secure technology model possible is the one currently employed by most law firms, which will come as no shock to anyone who interfaces regularly with law firm IT. That model is to try to lock down laptops using network configurations and user permission rights that have the end result of making the laptop practically impossible to use and crushing the performance of even the speediest computer.

And now it seems, without even being secure. All the pain, no gain.

Web-based apps are far more secure and provide much better performance at the same time. Every use is authenticated and logged. Access can be shut off immediately. It can’t be left on a plane or on the subway. And no one is going to steal our web servers and freeze them with stuff you can buy at Staples.